<!DOCTYPE html>
<html>
<head>
    <title>Django SQL Injection Vulnerability Demo</title>
    <style>
        .container { max-width: 1200px; margin: 0 auto; padding: 20px; }
        .section { background: #f5f5f5; padding: 15px; margin: 10px 0; border-radius: 5px; }
        .debug { background: #f8f8f8; padding: 15px; margin: 10px 0; border-radius: 5px; }
        .error { background: #fff0f0; padding: 15px; margin: 10px 0; border-radius: 5px; color: #d00; }
        pre { white-space: pre-wrap; }
        input[type="text"] { width: 100%; padding: 5px; margin: 5px 0; }
        button { padding: 10px 20px; background: #4CAF50; color: white; border: none; border-radius: 4px; cursor: pointer; }
    </style>
</head>
<body>
    <div class="container">
        <h1>Django SQL Injection Vulnerability Demo</h1>
        
        <div class="section">
            <h2>System Information</h2>
            <p>Django Version: {{ django_version }}</p>
            <p>Database: {{ database_info }}</p>
            <p>OS: {{ os_info }}</p>
        </div>

        <div class="section">
            <h2>Test Input</h2>
    <a href="/"><button>annotate+select_related SQL注入</button></a>
    <a href="/alias-select-related/"><button>alias+select_related SQL注入</button></a>
    <a href="/alias-order-by/"><button>alias+order_by SQL注入</button></a>            <form method="GET">
                {% if annotate_input %}
                <div>
                    <label>Annotate Input:</label>
                    <input type="text" name="annotate_search" value="{{ annotate_input }}">
                </div>
                {% endif %}
                {% if alias_input %}
                <div>
                    <label>Alias Input:</label>
                    <input type="text" name="alias" value="{{ alias_input }}">
                </div>
                {% endif %}
                <button type="submit">Submit</button>
            </form>
        </div>

        {% if debug_info %}
        <div class="debug">
            <h2>Debug Information</h2>
            {% for key, value in debug_info.items %}
            <p><strong>{{ key }}:</strong></p>
            <pre>{{ value }}</pre>
            {% endfor %}
        </div>
        {% endif %}

        {% if error %}
        <div class="error">
            <h2>Error Information</h2>
            <pre>{{ error }}</pre>
        </div>
        {% endif %}
    </div>
</body>
</html>
